[Git][security-tracker-team/security-tracker][master] Add CVE-2023-37920/python-certifi
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 26 14:09:44 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
50c87fb4 by Salvatore Bonaccorso at 2023-07-26T15:09:18+02:00
Add CVE-2023-37920/python-certifi
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,7 +53,9 @@ CVE-2023-38435 (An improper neutralization of input during web page generation (
CVE-2023-38433 (Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded c ...)
NOT-FOR-US: Fujitsu
CVE-2023-37920 (Certifi is a curated collection of Root Certificates for validating th ...)
- TODO: check
+ - python-certifi <unfixed> (unimportant)
+ NOTE: https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7
+ NOTE: Debian's python-certifi is patched to return the location of Debian-provided CA certificates
CVE-2023-37919 (Cal.com is open-source scheduling software. A vulnerability allows act ...)
TODO: check
CVE-2023-37907 (Cryptomator is data encryption software for users who store their file ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50c87fb4285412203d11e58587991d7b3e703750
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50c87fb4285412203d11e58587991d7b3e703750
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230726/b6005c88/attachment.htm>
More information about the debian-security-tracker-commits
mailing list